Applications moved into a managed cloud environment need Identity and Access Management services to ensure user accounts, passwords and roles are all managed properly for the purposes of Security and Audit. In this session, we’ll discuss the key considerations for a Hosted Private Cloud deployment of Oracle applications integrated with Oracle Identity Management Suite to provide self-service account provisioning and federated Single Sign-on (SSO) for an organization’s internal and external users. You will also hear from a customer on how their key business requirements were addressed with Managed Identity Services from Oracle running at Oracle.
Today I’d like to start off by explaining a bit about Oracle’s Cloud Solutions and show you how Oracle Managed Cloud Services fits into Oracle’s broader cloud offerings and its key differentiators. Then I will get into the details of today’s session: Managed Cloud Services for Identity and Access Management. I will be going over the solution that Oracle Managed Cloud Services has implemented to meet the Identity and Access Management challenges of INC Research and also give you a peek into our new service offering, MIDaaS.
Oracle Cloud Solutions encompasses all types of cloud offerings, giving you multiple deployment models to choose from: from the Oracle Cloud (public cloud), to building your own private cloud, to having Oracle manage a Private Cloud for you. There are different ways to consume software and technology with cloud computing. There are Public Clouds, as in this example what Oracle calls “Oracle Cloud”, where hardware and computing resources are shared amongst customers and there is no hardware to buy or software to manage – your technology is delivered as a subscription-based service from the cloud, referred to as SaaS. The SaaS provider, in this case Oracle, owns and operates the technology for you. Often, to extend traditional on-premise models, customers will build their own private clouds where they offload development and testing to a private area in the cloud, or build and deploy applications from their own exclusive cloud and run and maintain that cloud deployment themselves, meaning the customer owns and operates the technology for themselves. And then in the Managed Cloud Service, you can use a third-party provider like Oracle to run, maintain, and even upgrade your applications in the cloud as a managed service, reducing costs and lowering risk. Today we are going to focus on Oracle Managed Cloud Services. ((Add’l speaking notes: Typically, most customers will journey to the cloud through a variety of cloud computing models while still getting value from their on-premise technology investments. Oracle has offerings in all of these deployment models, giving you the choice as to how you want to journey to the cloud.))
When we talk to customers about cloud, their 3 areas of interest are centered around getting value from the cloud, having flexibility in their cloud choices without lock-in, and lastly really wanting to have confidence that the cloud provider they choose would secure and protect their data even better than they would. Oracle Managed Cloud Services has the expertise to provide complete end-to-end managed cloud services for Oracle hardware and software across the entire operations lifecycle, where Oracle provides deployment, management, monitoring, patching, security, and upgrade services for your entire stack. Oracle’s Managed Cloud Services are a critical and proven part of Oracle’s broader cloud offerings that allow businesses to transition with confidence to an enterprise-grade cloud. Because of this deep, specialized Oracle expertise within our managed cloud services, Oracle Managed Cloud Services enable organizations to extend their Oracle investments into the cloud with greater value, choice and confidence. Since we developed and support the entire “stack”, we have unparalleled access to the latest technology developments and to a pool of resources unavailable anywhere else, and can provide more value through this optimization of hardware and software. This includes access to Oracle Product Development as well as Oracle Support. Because we work with the entire stack, we are able to engineer solutions together with certified configurations. Also, we support all the new Oracle application software and have accelerated learning in all Oracle technologies, and can implement much faster than a customer would be able to achieve on their own. Oracle also provides more confidence to customers in that Oracle systems and data are secured at every layer in the stack. Oracle has world-class security standards and governance policies that would be nearly impossible to emulate on your own.
For well over 35 years, Oracle has been in the business of technology and data management. Oracle Managed Cloud Services has been successfully managing customers’ data for over 13 years. So we are very experienced in the business of data and cloud management. Oracle has proven expertise in managing technology, applications and systems for customers in the cloud. The stats tell the story. Unparalleled Oracle expertise ensures reliability and scalability, with 1.25 trillion business transactions a day, 41 petabytes of managed storage and growing, and global data centers supporting 27 languages. Additionally, when anyone talks about cloud, they want to know about security. Oracle has the most comprehensive security and compliance practices and offerings in the market today, giving you confidence and reliability 24/7. Because of this deep, specialized Oracle expertise within our managed cloud services, Oracle Managed Cloud Services enable organizations to extend their Oracle investments into the cloud with greater value, choice and confidence.
INC Research’s need is to build an IDM solution that is an integral part of their access and identity management workflows. It should cater to the needs of both externally facing, customer-focused systems and internal provisioning. With the criticality that this presents, uptime and disaster recovery are of utmost importance. The solution should automate the provisioning of users and offer SSO capabilities for web-enabled applications, and it should treat the corporate data as an asset and federate access to the connected directory servers. Last but not least, the solution designed should exceed or meet the industry security standards, with auditing and reporting capabilities to enforce security compliance. You have heard from Nate Thompson of INC Research earlier about their company and their requirements for an Identity and Access Management solution. Over the next few slides, I will be going over the solution that Oracle Managed Cloud Services has implemented for INC Research to address their challenges in the Identity and Access Management space.
All the IDM components that are highlighted in RED in the diagram are deployed into their own private cloud @Oracle. As the solution demands, IDM components are set up in an HA configuration with Max DR Availability. Applications listed on the top, Webcenter, OBIEE and PeopleSoft, are hosted in their own private cloud @Oracle. Project Point is hosted @Customer. Federated Single Sign-On is implemented successfully for all the listed applications irrespective of their hosting location. Some of these applications are internet facing, and the access is secured thru the public mid-tier. The solution offers the ability to integrate with multiple Identity Providers with a Custom IDP Discovery Service. In addition to the Single Sign-On, extensive provisioning functionality is implemented thru a Custom User Management Portal. The portal is accessed by both internal and external customer-focused users for submitting Account and Entitlement requests. Both the custom IDP discovery service and the User Management Portal are hosted @Oracle. This highlights the advantage of a private cloud: it gives you the flexibility to deploy a vanilla product and add customizations on top of it.
The industry-standard SAML 2.0 protocol is used for federation between the Service Provider (OIF) @Oracle and the Identity Provider (ADFS) @Inc. No passwords are stored in the cloud, and hence there is no need for any password sync between Oracle Cloud and customer systems. We have implemented a common model for application authorizations thru the use of OID Groups and Roles. The implementation achieves a seamless integration of federation with applications hosted @Oracle and also @Customer. The architecture is put together in such a way that it is extensible for future federations set up with N number of identity providers. The key point to take away with federation is that users get convenient SSO, and no internal customer credentials are ever exposed to us.
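An added example, not code from the presentation or from Oracle: a sketch of an IdP discovery step followed by a SAML 2.0 SP-initiated request over the HTTP-Redirect binding, showing that the request names only the service provider and the chosen identity provider and carries no user credentials. The registry, host names, SP entity ID and function names are all constructed for illustration.

```python
import base64, urllib.parse, uuid, zlib
from datetime import datetime, timezone

# Constructed values: placeholder hosts, not the deployment described above.
SP_ENTITY_ID = "https://sp.cloud.example/saml"
ACS_URL = "https://sp.cloud.example/saml/acs"
IDP_REGISTRY = {  # one entry per federated identity provider, keyed by mail domain
    "corp.example": {"entity_id": "http://adfs.corp.example/adfs/services/trust",
                     "sso_url": "https://adfs.corp.example/adfs/ls/"},
    "partner.example": {"entity_id": "https://idp.partner.example/saml",
                        "sso_url": "https://idp.partner.example/sso"},
}

def discover_idp(login_hint):
    """Pick the IdP from the user's domain; unknown domains fail closed."""
    local, sep, domain = login_hint.strip().rpartition("@")
    if not sep or not local:
        raise ValueError("login hint must look like user@domain")
    idp = IDP_REGISTRY.get(domain.lower())
    if idp is None:
        raise LookupError(f"no federation configured for {domain!r}")
    return idp

def build_authn_request(idp):
    """SP-initiated AuthnRequest: names the SP and the IdP, carries no credentials."""
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return (
        '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        f'ID="_{uuid.uuid4().hex}" Version="2.0" IssueInstant="{now}" '
        f'Destination="{idp["sso_url"]}" AssertionConsumerServiceURL="{ACS_URL}" '
        'ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">'
        f'<saml:Issuer>{SP_ENTITY_ID}</saml:Issuer></samlp:AuthnRequest>')

def redirect_url(login_hint, relay_state):
    """HTTP-Redirect binding: raw DEFLATE, then base64, then URL-encoding."""
    if not relay_state.startswith("/") or relay_state.startswith("//"):
        raise ValueError("RelayState must be a local path")  # blocks open redirects
    idp = discover_idp(login_hint)
    deflater = zlib.compressobj(wbits=-15)  # negative wbits = no zlib header
    packed = deflater.compress(build_authn_request(idp).encode()) + deflater.flush()
    query = urllib.parse.urlencode({"SAMLRequest": base64.b64encode(packed).decode(),
                                    "RelayState": relay_state})
    return f'{idp["sso_url"]}?{query}'

def decode_saml_request(url):
    """Reverse the binding, as an IdP or a reviewer reading a proxy log would."""
    qs = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
    return zlib.decompress(base64.b64decode(qs["SAMLRequest"][0]), wbits=-15).decode()
```

Adding a further identity provider is a new registry entry; the user's password is only ever entered at the IdP the redirect points to.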
There are two types of users for INC Research: internal users and customer-focused external users. Internal user on-boarding is accomplished thru Trusted Reconciliation with Active Directory. External user on-boarding is done thru self-registration capabilities offered thru the Custom User Management Portal. The Custom User Management Portal is an ADF application, and it is integrated with OIM thru the SPML interface. Enterprise roles that are pertinent to INC are populated in OIM thru a sync from PeopleSoft. Provisioning to OID is achieved thru LDAP Sync configured with rule mappings for multiple OIM organizations. Provisioning to Active Directory for external users is achieved thru rule-based access provisioning policies. There is no password reconciliation between OIM and any of the targets.
Oracle Managed Cloud Services has successfully implemented the Identity and Access Management Services for multiple customers. As you see here, we have customers from various industry verticals for both the Single Sign-on and Provisioning services. The implementations include integration not only with Oracle products but also with various 3rd party applications, for both Single Sign-on and provisioning.
Up until now, all the Managed Identity and Access Management Cloud Services have been offered as individual services. With the experience gained and the feedback received from all the previous customer implementations, we are now going to offer two different Managed Cloud services for Identity and Access Management. One is a dial-tone service, which is essentially a pre-packaged solution. The dial-tone service is primarily intended for small to medium size companies that would like to have a quick implementation of the service and don’t yet have a need for a full-blown managed service. The second one is the specialized (Fully Managed) Service, which will offer the flexibility to tailor the solution to a given customer’s requirements. With the Fully Managed service, you will get the support of the Managed Cloud Services team to architect, customize, integrate with 3rd parties and add any enhanced security services for your environment.
For your convenience, here is a list of the other Managed Cloud Services sessions that are happening at OpenWorld.
Tell customers to visit the FB page: https://www.facebook.com/CloudOdyssey. Take a cutout picture of yourself as a member of the crew. Talk to cloud product experts. Watch the designer create the movie scenes.
With Fusion Middleware, you can extend and maximize your existing technology investment with the same technologies used in Fusion Applications, including embedded analytics and social collaboration, and mobile and cloud computing. Oracle’s complete SOA platform lets your IT organization rapidly design, assemble, deploy, and manage adaptable business applications and—with Oracle’s business process management tools—even bring the task of modeling business processes directly to the business analysts. Oracle Business Intelligence foundation brings together all your enterprise data sources in a single, easy-to-use solution, delivering consistent insights whether it’s through ad hoc queries and analysis, interactive dashboards, scorecards, OLAP, or reporting. And, your existing enterprise applications can leverage the rich social networking capabilities and content sharing that users have come to expect in consumer software. Oracle Fusion Middleware is based on 100 percent open standards, so you aren’t locked into one deployment model when your business requirements change.